Vulnerability Details CVE-2023-33404
An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs file, in BlogEngine.Net version 3.3.8.0 and earlier allows remote attackers to execute remote code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.843
EPSS Ranking 99.3%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2023-33404
-
cpe:2.3:a:blogengine:blogengine.net:3.3
-
cpe:2.3:a:blogengine:blogengine.net:3.3.5.0
-
cpe:2.3:a:blogengine:blogengine.net:3.3.6.0
-
cpe:2.3:a:blogengine:blogengine.net:3.3.7.0
-
cpe:2.3:a:blogengine:blogengine.net:3.3.8.0